Tutorial / Cram Notes
Networking is a fundamental component in cloud environments such as Amazon Web Services (AWS), and understanding the layers of networking is vital for those preparing to take the AWS Certified Advanced Networking – Specialty (ANS-C01) exam. This exam assesses an individual’s ability to perform complex networking tasks, and a solid grasp of Layer 2 and Layer 3 technologies is a prerequisite.
Layer 2: Data Link Layer
Layer 2, or the Data Link Layer, is responsible for node-to-node data transfer within the same network segment or Local Area Network (LAN). In this layer, Ethernet is a widely used protocol, and it is where VLANs (Virtual Local Area Networks) come into play.
VLANs
VLANs allow a network engineer to segment a LAN into smaller logical groups, improving management, security, and reducing broadcast traffic. Devices within the same VLAN can communicate with each other as if they were on the same physical LAN, even if they are not. Here’s an example of how VLANs might be configured:
Switch(config)# vlan 10
Switch(config-vlan)# name Sales
Switch(config-vlan)# exit
Switch(config)# interface FastEthernet 0/1
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 10
In the example above, a VLAN with ID 10 is created and named “Sales.” Interface FastEthernet 0/1 is then assigned to this VLAN. Devices connected to this interface will belong to the Sales VLAN.
Switching
Switches operate at Layer 2 and use MAC addresses to forward data to the correct destination within a LAN. Switching can be divided into different types, such as Store-and-Forward and Cut-Through, each with its own advantages in terms of error checking and latency.
Layer 3: Network Layer
Layer 3, or the Network Layer, handles routing data between different networks. This layer uses logical addressing—such as IP addresses—to route packets from the source to the destination, possibly through multiple intermediary networks.
IP Addressing
IP addresses uniquely identify devices on a network and are essential for routing traffic. IPv4 addresses are 32-bit numbers, usually expressed in dotted-decimal notation (e.g., 192.168.1.1), while IPv6 addresses are 128-bit numbers, written in hexadecimal notation (e.g., 2001:0db8:85a3:0000:0000:8a2e:0370:7334).
Gateways
A gateway is a network point that acts as an entrance to another network. In the context of IP addressing, the default gateway is the device that routes outbound traffic from a local network to other networks or the internet.
Routing
Routing is the process of selecting paths in a network along which to send network traffic. Routers, the devices that perform routing, utilize routing tables and protocols like BGP (Border Gateway Protocol) to make efficient routing decisions.
For instance, in AWS, Route Tables dictate what paths traffic will take. A sample route table entry on AWS might look like:
| Destination | Target |
|---|---|
| 10.0.0.0/16 | local |
| 0.0.0.0/0 | igw-1a2b3c4d |
This table specifies that traffic destined for the local VPC (10.0.0.0/16) stays local, while any other traffic (0.0.0.0/0 representing all IPv4 addresses) gets directed to an Internet Gateway (igw-1a2b3c4d).
Layer 2 vs. Layer 3 Comparison
Understanding the differences between Layer 2 and Layer 3 in terms of VLANs, IP addressing, gateways, routing, and switching is essential for not just the AWS Certified Advanced Networking – Specialty exam, but for anyone involved in network engineering or architecture. Here is a comparative table for clarity:
| Feature | Layer 2 | Layer 3 |
|---|---|---|
| Devices | Switches | Routers |
| Addressing | MAC Addresses | IP Addresses |
| Segmentation | VLANs | Subnets |
| Communication | Within the same network segment | Across different networks |
| Protocols | Ethernet, 802.1Q (VLAN tagging) | IP, BGP, OSPF, etc. |
| Traffic Type | Broadcast and unicast traffic | Unicast, multicast traffic |
In conclusion, both Layer 2 and Layer 3 are integral parts of networking within AWS and understanding these layers is critical for the AWS Certified Advanced Networking – Specialty exam. Network professionals should be proficient with VLAN configurations, IP addressing schemes, gateway setups, routing policies, and understand how switches and routers operate and interact in both AWS and traditional networking environments.
Practice Test with Explanation
True or False: VLANs operate at Layer 3 of the OSI model.
- False
VLANs operate at Layer 2 of the OSI model as they deal with dividing a physical network into multiple logical segments at the data link layer.
Which of the following are required for a router to perform its function? (Select TWO)
- A) VLAN configuration
- B) IP addressing
- C) MAC address table
- D) Routing table
- E) Collision domains
B, D
A router requires IP addressing and a routing table to make decisions on where to forward packets; it uses IP addresses to route data between different network segments.
True or False: Switches operate primarily at Layer 3 of the OSI model.
- False
Switches primarily operate at Layer 2 of the OSI model, dealing with MAC addresses to switch frames within the same network segment.
What is the primary purpose of a gateway in a computer network?
- A) To connect different VLANs
- B) To route traffic between different IP subnets
- C) To provide DHCP services
- D) To prevent network loops
B
A gateway is used to route traffic between different IP subnets, acting as an access point that enables communication between devices in different network segments.
True or False: An IP address is a Layer 2 address used to identify devices on the same network segment.
- False
An IP address is a Layer 3 address used to identify devices on different network segments for routing purposes.
In an Ethernet network, what mechanism is used to prevent collisions?
- A) VLAN tagging
- B) CSMA/CD
- C) Routing
- D) Subnet masking
B
CSMA/CD (Carrier Sense Multiple Access with Collision Detection) is used in traditional Ethernet networks to prevent data collisions on a shared medium.
Multiple Select: Which of the following can be used to isolate broadcast domains in a network? (Select TWO)
- A) Switches
- B) Routers
- C) Hubs
- D) VLANs
B, D
Routers and VLANs can be used to isolate broadcast domains; routers do so by separating IP networks, and VLANs do so within a single switch by creating separate Layer 2 segments.
What is the primary purpose of subnetting?
- A) To improve network security
- B) To reduce the size of broadcast domains
- C) To increase the number of available IP addresses
- D) To connect multiple physical locations
B
The primary purpose of subnetting is to reduce the size of broadcast domains in a network, which in turn improves network performance.
True or False: An AWS VPC is an example of a Layer 2 network construct.
- False
An Amazon VPC (Virtual Private Cloud) is an example of a Layer 3 network construct, as it provides logical isolation at the IP layer within the AWS cloud.
Which device is primarily responsible for assigning IP addresses to devices on a network?
- A) Router
- B) Gateway
- C) DHCP server
- D) Switch
C
A DHCP (Dynamic Host Configuration Protocol) server is responsible for dynamically assigning IP addresses to devices on a network.
True or False: Static routing requires manual configuration of route paths.
- True
Static routing requires network administrators to manually enter routes into a router’s routing table, as opposed to dynamic routing which automatically discovers routes.
Which of the following are true regarding a Layer 3 switch? (Select TWO)
- A) It can perform routing functions.
- B) It uses MAC addresses for routing traffic.
- C) It operates solely at the Data Link layer.
- D) It can reduce the need for routers in certain network designs.
- E) It can only switch traffic within the same VLAN.
A, D
A Layer 3 switch can perform routing functions through IP addresses and can reduce the need for routers in certain network designs by handling inter-VLAN routing internally.
Interview Questions
What is the fundamental difference between Layer 2 and Layer 3 in the OSI model, and how does it relate to networking in AWS?
The fundamental difference lies in the functions they provide. Layer 2, the Data Link Layer, is responsible for communication between adjacent network nodes within the same network segment, often using MAC addresses; it primarily handles switching, VLANs and the physical addressing. Layer 3, the Network Layer, facilitates data transmission between different network segments and performs logical addressing, routing, and path determination, often utilizing IP addresses. In AWS, Elastic Network Interfaces (ENIs) operate at Layer 2, while routing tables and Internet Gateways work at Layer 3 to facilitate inter-connectivity and external access.
How do VLANs work and what issue do they solve in a network infrastructure?
VLANs, or Virtual Local Area Networks, work by logically segmenting a physical network into multiple broadcast domains, which helps reduce broadcast traffic, improve security by isolating sensitive data and enhance network management. In a cloud environment like AWS, VLANs aren’t directly managed by users but AWS uses a similar concept of logically isolated sections of the AWS cloud known as VPCs (Virtual Private Clouds) to provide network segmentation.
How does IP addressing function within a VPC, and what is the role of CIDR?
Inside a VPC, IP addressing functions to assign private IP addresses for internal communication within the AWS infrastructure. CIDR, or Classless Inter-Domain Routing, defines the IP address range and size of the VPC; it enables the use of subnet masks to designate the network boundary uniquely for each VPC and its associated subnets. CIDR thereby enables efficient allocation of IP addresses and defines network and host portions of addresses.
Can you explain the difference between static and dynamic routing, and how does AWS support both routing types?
Static routing involves fixed paths defined manually by network administrators, while dynamic routing uses protocols to automatically adjust paths between networks based on current conditions. AWS supports static routing with manually modified route tables. For dynamic routing, AWS offers BGP (Border Gateway Protocol) via AWS Direct Connect or dynamic VPN connections, where routes are automatically updated in response to changes in the network topology.
What is a routing table, and how does it function within an AWS VPC?
A routing table contains a set of rules, known as routes, that determine where network traffic is directed based on the destination IP address. Within an AWS VPC, routing tables are associated with each VPC subnet to control the flow of traffic between subnets, the internet, or other AWS services. The VPC routing tables allow for specifying which subnets are publicly accessible versus which are private.
How do subnetting and IP addressing work together in network design?
Subnetting divides a larger network into smaller, more manageable segments. By associating a smaller IP address range (or subnet) with each divided network segment, subnetting enables more efficient use of IP addresses and can enhance network security and performance. In a network design, this allows for logical separation of network resources and more fine-grained control over network traffic.
Can you describe what a network gateway is, and mention the types of gateways used in AWS?
A network gateway is a networking device that connects two different networks and allows traffic to be routed between them. In AWS, the commonly used types include Internet Gateways, which allow communication between instances in a VPC and the internet; NAT Gateways, which enable instances in a private subnet to connect to the internet or other AWS services without allowing inbound traffic; and Virtual Private Gateways, which connect the VPC to an on-premises network via VPN.
Please explain the concept of an IP address and the main differences between IPv4 and IPv
An IP address is a unique identifier assigned to each device on a network, functioning to enable the device to communicate with others on the network. IPv4 addresses are 32-bit numbers often expressed as four decimal digits separated by periods, while IPv6 addresses are 128-bit numbers written as eight groups of four hexadecimal digits separated by colons. IPv6 provides a much larger address space than IPv4, which is crucial due to the exhaustion of IPv4 addresses.
What is the purpose of a switch in a network, and how is it relevant in the AWS context?
A switch operates at Layer 2 to connect devices within the same network segment. It uses MAC addresses to forward data frames to the correct device. While AWS customers don’t manage physical switches, the concept is relevant in the virtual networking environment, as AWS’s virtualized infrastructure performs switching functions internally to manage traffic between instances and different services.
What are the considerations for choosing between a hardware VPN and AWS Direct Connect for connecting an on-premises network to AWS?
When choosing between hardware VPN and AWS Direct Connect, considerations include the required bandwidth, latency sensitive applications, reliability, and cost. A hardware VPN over the public internet is typically more cost-effective and easier to set up for smaller data requirements, while AWS Direct Connect provides a dedicated private connection for higher throughput and a more consistent network experience.
Describe how route propagation works in AWS in conjunction with Virtual Private Gateways (VGWs).
In AWS, route propagation allows for automatic propagation of routes from a Virtual Private Gateway (VGW) to a VPC’s routing tables. When enabled on a route table, any routes learned by the VGW (typically via BGP from a Direct Connect or VPN connection) are automatically added to the VPC routing table, simplifying route management and ensuring that the VPC has the necessary routes to communicate with on-premises networks.
What is the main role of a Border Gateway Protocol (BGP) in AWS, especially when dealing with AWS Direct Connect and VPN connections?
The main role of BGP in AWS, in the context of AWS Direct Connect and VPN connections, is to manage the exchange of routing information between the AWS environment and an on-premises network. This dynamic routing protocol allows AWS and the customer’s network to communicate about the best paths for traffic, ensuring route optimization and facilitating automatic failover in the case of a network failure or change in path availability.
Great intro on Layer 2 and Layer 3 networking concepts!
Can someone explain how VLANs work with AWS networking?
Thanks for the detailed explanation on IP addressing!
Is using subnet CIDR blocks in AWS the same as traditional IP addressing?
The section on gateways and routing was super helpful.
How important are gateways in AWS networking architecture?
Great breakdown of routing tables and their function.
Does AWS use Layer 3 switching?